Channels

Services

Critical hole in Cacti

Several vulnerabilities in the network statistics graphing tool Cacti allow attackers to infiltrate code: Input passed in the URL to the Cacti script cmd.php is not properly sanitised before it is used in SQL queries. In addition, the script does not properly restrict access to command line usage, allowing code to be infiltrated through this hole. To exploit these vulnerabilities, the PHP configuration variable register_argc_argv must be enabled on the affected system.

According to security service provider Secunia, these vulnerabilities not only affect the current Cacti version 0.8.6i, but possibly previous versions as well. As an emergency measure, Secunia suggests moving the script - cmd.php, to a file path that cannot be accessed by the browser.